Systems and methods for pushing hosted universal resource locator to mobile computing devices

ABSTRACT

A host system pushing hosted Universal Resource Locators (URLs) to mobile computing devices is provided. The host system includes at least one host computing device configured to receive first merchant data and first Internet of Technology (IOT) data associated with a merchant computing device, enroll the merchant computing device using the first merchant data and the first IOT data, and build an IOT device profile. The host computing device is also configured to generate a hosted URL associated with the merchant computing device and push the hosted URL, using a URL signal, to a user computing device via an IOT device. The host computing device is further configured to instruct the user computing device to convert the URL signal into a URL address and instruct the user computing device to load the URL address in a browser of the user computing device.

BACKGROUND

The field of the present disclosure relates generally to pushing hostedUniversal Resource Locators (URLs) to mobile computing devices and, moreparticularly, to systems and methods for receiving a broadcasted URLsignal, including the URL, at a mobile computing device, converting thebroadcasted URL signal into a URL address, loading the URL address intothe mobile computing device browser, and prompting a user to enteradditional data into a webpage so as to initiate a payment transactionusing wireless communication systems.

Over the past several years, the amount of e-commerce transactions hasmassively increased. Understandably, many merchants now provide virtualpurchase platforms (in addition to in-person, brick-and-mortar purchaseplatforms), offering merchant-run websites (both desktop and mobileversions) and downloadable software applications that allow consumers tobrowse their stores and purchase goods. In some aspects, these digitaloutlets are preferable. The merchant need not maintain as manystorefronts or employ as many people. Some merchants even offeronline-exclusive products, services, and offers to entice consumers tomake their purchases on these online purchase platforms. However, somemerchants, especially merchants running small businesses, do not havethe purchasing power and/or expertise to run these digital outlets.Moreover, these digital outlets may be subject to fraudulent activity ifthey are not securely operated.

Accordingly, a system that is affordable, easy to use, and reliable andthat enables the use of these digital outlets is desirable.

BRIEF DESCRIPTION

In one aspect, a host system for pushing hosted Universal ResourceLocators (URLs) to mobile computing devices is provided. The host systemincludes at least one host computing device that includes a processorcommunicatively coupled to a memory and is configured to receive firstmerchant data and first Internet of Technology (IOT) data associatedwith a merchant computing device that is associated with a merchant andis in communication with an Internet of Technology (IOT) device. Thehost computing device is also configured to enroll the merchantcomputing device using the first merchant data and the first IOT data,build, in an IOT data table, an IOT device profile using the firstmerchant data and the first IOT data, and generate a hosted UniformResource Locator (URL) associated with the merchant computing device.The host computing device is further configured to push the hosted URL,using a URL signal, to a user computing device via the IOT device,wherein the URL signal is associated with the merchant, and wherein thehosted URL is pushed when the user computing device is paired to the IOTdevice. The host computing device is also configured to instruct theuser computing device to convert the URL signal into a URL address,wherein the URL address is configured to direct a browser of the usercomputing device to a URL page associated with the merchant, andinstruct the user computing device to load the URL address in thebrowser and display the URL page to a consumer associated with the usercomputing device.

In another aspect, a computer-implemented method for pushing hostedUniversal Resource Locators (URLs) to mobile computing devices isprovided. The method is performed using a host computing device thatincludes at least one processor in communication with at least onememory device. The method includes receiving first merchant data andfirst Internet of Technology (IOT) data associated with a merchantcomputing device, wherein the merchant computing device is associatedwith a merchant and is in communication with an Internet of Technology(IOT) device. The method also includes enrolling the merchant computingdevice using the first merchant data and the first IOT data, building,in an IOT data table, an IOT device profile using the first merchantdata and the first IOT data, and generating a hosted Uniform ResourceLocator (URL) associated with the merchant computing device. The methodfurther includes pushing the hosted URL signal, using a URL signal, to auser computing device via the IOT device, the URL signal is associatedwith the merchant, and wherein the hosted URL is pushed when the usercomputing device is paired to the IOT device. The method also includesinstructing the user computing device to convert the URL signal into aURL address, wherein the URL address is configured to direct a browserof the user computing device to a URL page associated with the merchant,and instructing the user computing device to load the URL address in thebrowser and display the URL page to a consumer associated with the usercomputing device.

In yet another aspect, a non-transitory computer readable medium thatincludes executable instructions for pushing hosted Universal ResourceLocators (URLs) to mobile computing devices is provided. When thecomputer executable instructions are executed by a host computing devicethat includes at least one processor in communication with at least onememory device, the computer executable instructions cause the hostcomputing device to receive first merchant and first Internet ofTechnology (IOT) data associated with a merchant computing device thatis associated with a merchant and is in communication with an Internetof Technology (IOT) device. The computer executable instructions alsocause the host computing device to enroll the merchant computing deviceusing the first merchant data and the first IOT data, build, in an IOTdata table, an IOT device profile using the first merchant data and thefirst IOT data, and generate a hosted Uniform Resource Locator (URL)associated with the merchant computing device. The computer executableinstructions further cause the host computing device to push the hostedURL, using a URL signal, to a user computing device via the IOT device,wherein the URL signal is associated with the merchant, and wherein thehosted URL is pushed when the user computing device is paired to the IOTdevice. The computer executable instructions also cause the hostcomputing device to instruct the user computing device to convert theURL signal into a URL address, wherein the URL address is configured todirect a browser of the user computing device to a URL page associatedwith the merchant, and instruct the user computing device to load theURL address in the browser and display the URL page to a consumerassociated with the user computing device.

BRIEF DESCRIPTION OF THE DRAWINGS

FIGS. 1-8 show example embodiments of the methods and systems describedherein.

FIG. 1 is a schematic diagram illustrating an example multi-partypayment card processing system for enabling payment-by-card transactionsbetween merchants, cardholders, and issuers.

FIG. 2 is a simplified block diagram of an example system used forpushing hosted Universal Resource Locators (URLs) to mobile computingdevices.

FIG. 3 illustrates an example configuration of a user computing deviceshown in FIG. 2, in accordance with one embodiment of the presentdisclosure.

FIG. 4 illustrates an example configuration of a server system shown inFIG. 2, in accordance with one embodiment of the present disclosure.

FIG. 5 is a simplified diagram illustrating the flow of data betweenvarious components of the host system shown in FIG. 2.

FIG. 6 is a flowchart of an example method for pushing hosted URLs tomobile computing devices.

FIG. 7 illustrates an example configuration of a host computing device,in accordance with one embodiment of the present disclosure.

FIG. 8 shows a diagram of components of an example computing device thatmay be used in the system shown in FIG. 2 to push hosted URLs to mobilecomputing devices.

Like numbers in the Figures indicate the same or functionally similarcomponents.

DETAILED DESCRIPTION

The host system described herein includes at least one host computingdevice, at least one merchant computing device, at least one usercomputing device associated with a consumer, at least one issuercomputing device, and at least one payment processor. The host systemfurther includes at least one Internet of Technology (IOT) device, suchas a Raspberry Pi, BLE (Bluetooth® Low-Energy) beacons, or the like, incommunication with the merchant computing device. In the exampleembodiment, the host computing device may be in communication with themerchant computing device, the user computing device, the issuercomputing device, and the payment processor. The host computing deviceis configured to generate and customize a hosted Universal ResourceLocator (URL) and push the hosted URL to the user computing device viathe IOT device.

The IOT device broadcasts the URL in the form of a URL signal. The IOTdevice may broadcast the URL signal using wireless signals, such as BLE,Wi-Fi, near field communications (NFC), infrared, ZIGBEE® (e.g., ZigBeeSmart Energy 1.0, ZigBee Smart Energy 2.0, ZIGBEE® is a registeredtrademark of ZigBee Alliance, Inc., of San Ramon, Calif.), highfrequency audio waves, and/or any other known types of wireless signals.The user computing device receives the URL signal when the usercomputing device is at a predefined distance from the IOT device. Oncethe user computing device receives the URL signal, the host computingdevice instructs, through the URL signal, the user computing device toconvert the URL signal into a URL address (e.g., http://www.mystore.com/products/fancy-fidget-spinner orhttps://bit.ly/xyxa).

The host computing device also instructs, through the URL signal, theuser computing device to load the URL address into the user computingdevice browser. The host computing device further instructs, through theURL address, the user computing device to direct the user computingdevice to display a customized merchant's URL webpage on the usercomputing device. The host computing device also instructs, through themerchant's URL webpage, the user computing device to prompt the consumerto enter additional data into a webpage associated with the merchantcomputing device so as to initiate a payment transaction.

The host computing device is also configured to customize the URL basedon a variety of parameters. For example, the host computing device maybe configured to generate a URL that is specific to a particularmerchant. That is, the host computing device builds a hosted site (alsoreferred to as “merchant's web page”) that is unique for the particularmerchant. The hosted site may include products and/or services themerchant offers. The hosted site may only include specific types ofgoods and/or services that the merchant offers (e.g., not all goodsand/or services offered by the merchant are included in the hostedsite). The host computing device is further configured to transmit theURL to multiple IOT devices in communication with the merchant computingdevice. The host computing device may configure each IOT device toreceive a particular URL associated with specific types of goods and/orservices.

For example, a merchant may offer deluxe candy and regular candy. Tosimplify the list of candies a consumer may see in the merchant's hostedsite, the merchant may use one IOT device for the deluxe candy andanother IOT device for the regular candy. The host computing device isconfigured to transmit a URL to each IOT device and each IOT device isconfigured to broadcast a URL signal to a user computing deviceassociated with the consumer. The host computing device instructs,through the URL signal, the user computing device to convert each URLsignal into a URL address, and to load each URL address into the usercomputing device browser. In this example, the user computing deviceloads two URL addresses that the user may access in different tabs ofthe user computing device browser. Then, the host computing deviceinstructs, through the URL address, the user computing device to directthe user to the customized merchant's webpage used for offering andselling the merchant's good(s) and/or service(s).

The host computing device includes a processor in communication with amemory. The host computing device is further in communication with atleast one database for storing information, such as consumer identifiersand/or consumer account identifiers, which identify a consumer accountand all payment methods (e.g., physical card, chip card, user computingdevice) associated with that payment account. The consumer accountidentifiers may include device identifiers associated with each paymentmethod, such as a phone number, an email address, a primary accountnumber (PAN), a token, a user computing device identifier, or othersimilar contact information associated with the user computing device orthe consumer. In the example embodiment, as some of the informationstored in the database may include personally identifiable information(PII), any stored PII is encrypted to prevent unauthorized access to thePII. Moreover, in any embodiments in which PII may be collected, theconsumer from which the PII may be collected is provided an opportunityto agree to or deny collection of such data.

The host computing device is further configured to push the hosted URLto the user computing device via the TOT device and receive purchasedata from the user computing device and the merchant computing device.The purchase data may include payment transactions initiated by aconsumer using a payment device (e.g., a payment card, digital wallet,mobile payment, etc.) associated with a particular transactionprocessing network. That is, the purchase data may include, among otherdata points, data associated with the consumer and the merchant involvedin the payment transaction. For example, the purchase data may includeone or more of: a consumer identifier, consumer biometric data, amerchant identifier, a merchant computing device identifier, consumeraccount data, a transaction amount, a time and date of the transaction,data descriptive of the purchase, a location of the transaction, andInternet of Technology (IOT) data. The host computing device is incommunication with a database that stores data related to the paymenttransactions, such as purchase data and transaction data. The hostcomputing device is also configured to perform a lookup within thedatabase to retrieve stored account data and compare the stored accountdata to the purchase data.

The stored account data may include consumer account information, suchas credit card or debit card information (e.g., a PAN an expirationdate, a card verification value (CVV), or the like), an encryptedconsumer address, an encrypted date of birth, and historical purchasedata. Once the host computing device has retrieved the stored data, thehost computing device compiles the purchase data and the stored accountdata, and generates transaction data. The transaction data may includethe stored account data and the purchase data. In general, the storedaccount data included in the transaction data is the matched data fromthe comparison of the stored data to the purchase data. The hostcomputing device is further configured to transmit the transaction datato the payment processor, which processes payment transactions using thetransaction data. In the example embodiment, the host computing deviceincludes the transaction data in an authorization request message (e.g.,ISO 8583 message). The host computing device is also configured togenerate and transmit the authorization request message to an issuerbank.

The host computing device is further configured to generate a URLassociated with a merchant registered to a URL hosted site service. Amerchant may register for the service by accessing the host computingdevice via a network, such as the Internet. At the time of registration,the merchant may provide some merchant data, such as the merchant'sbusiness address, the merchant's business name, the merchant's segmentof sales (e.g., type of goods and/or service that the merchant sells),and/or any other information related to the merchant and the merchant'sbusiness. Additionally, at the time of registration of the merchant, thehost computing device may assign to the merchant a merchant identifierand a merchant computing device identifier to the merchant computingdevice. The host computing device may also capture the merchantcomputing device Internet Protocol (IP) address and/or other dataassociated with the merchant computing device. During and/or afterregistration, the host computing device stores the information assignedto and captured from the merchant and merchant computing device.

The host computing device is also configured to receive a geolocation ofthe merchant computing device along with the purchase data. Thegeolocation is captured and transmitted to the merchant computing deviceby the TOT device. In one example, once the host computing devicereceives the geolocation, the host computing device may compare thereceived geolocation to a stored geolocation. The host computing deviceuses the comparison to determine whether the merchant computing deviceis an authorized registered merchant computing device in the URL hostedsite service. In one embodiment, a merchant associated with the merchantcomputing device may access the host computing device to indicate alocation where the merchant computing device is and/or is going to belocated. The host computing device is configured to perform thecomparison using the indicated location. In another embodiment, the hostcomputing device is configured to perform the comparison using a storeddefault location associated with the merchant computing device. In yetanother embodiment, the host computing device is configured to performthe comparison using a location associated with an TOT device profile(as explained in greater detail below).

In another example, the host computing device may determine that themerchant computing device is an authorized registered merchant computingdevice by comparing the merchant identifier included in the purchasedata to a stored merchant identifier. In yet another example, the hostcomputing device may determine that the merchant computing device is anauthorized registered merchant computing device by comparing themerchant computing device identifier in the purchase data to a storedmerchant computing device identifier. In another example, the hostcomputing device may use other purchase data associated with themerchant in order to determine that the merchant computing device is anauthorized registered merchant computing device.

If the merchant computing device is registered and authorized, the hostcomputing device transmits an approval response message to the merchantcomputing device and process the payment transaction. The host computingdevice may additionally transmit consumer data included in the purchasedata, such as the consumer identifier, the consumer biometric data, orthe like, to an issuer. The issuer may use this data to confirm that theconsumer is authorized to perform the transaction.

In the example embodiment, the host computing device may build rulesaround the IOT device. That is, the host computing device collects IOTdata from the IOT device via the merchant computing device, stores theIOT data within a database, retrieves the stored IOT data, builds aprofile for the IOT device, and stores the profile in an Internet ofTechnology (IOT) data table. The IOT data may include a merchantcomputing device geolocation, a time the merchant computing device is atthat geolocation, a user computing device geolocation, number of usercomputing devices in communication and/or that have been incommunication with the IOT device, user computing device identifiers foreach user computing device that is in communication or has been incommunication with the IOT device, an IOT device identifier, and otherIOT data that the host computing device may require. During and/or aftercollecting the IOT data, the host computing device may store the IOTdata within a database in communication with the host computing device.

The IOT device profile may indicate the most frequent times that the IOTdevice is at a specific location. This profile may also indicate whichtimes are busy or slow for the merchant. For example, if at some timeduring a day none or few user computing devices are in communicationwith the IOT device, the host computing device may determine that thetime is a slow time. Conversely, if at some time during that day a largeamount of user computing devices are in communication with the IOTdevice, the host computing device may determine that the time is a busytime. The host computing device may be configured to use the IOT deviceprofile and/or other data to determine that the merchant computingdevice is an authorized registered merchant computing device in the URLhosted site service. For example, if the host computing device comparesthe received IOT data to the stored IOT data and matches the receivedIOT data with the stored IOT data, the host computing device determinesthat the merchant computing device is an authorized registered merchantcomputing device in the URL hosted site service.

In the example embodiment, a consumer may have a payment account (e.g.,a credit card, debit card account, or the like) for which a physicalpayment card has been issued. As used herein, a “consumer” is a consumerhaving a payment card (e.g., a credit card, debit card, prepaid card,etc.) associated with a particular payment processing network (alsoreferred to herein as a “transaction processing network”) and/or anotherpayment device with electronically stored account or payment details,such as a digital wallet or mobile payment service. In one example, theconsumer has a user computing device associated with the paymentaccount. The consumer visits a merchant location and the merchantassociated with the merchant location uses an IOT device incommunication with a merchant computing device. The host computingdevice is configured to transmit a URL to the user computing device, viathe IOT device. The URL includes a list of goods and/or services thatthe merchant offers. In some embodiments, the URL also includes theprice for each good and/or service included in the list. The IOT deviceobtains this list from the host computing device via the merchantcomputing device. The transmission is initiated when the IOT devicedetects the user computing device. In order for the user computingdevice to receive the transmission, the user computing device requiresbeing detectable by the IOT device. The user computing device isdetectable if one or more of its wireless communication applications,such as BLE, Wi-Fi, near field communications (NFC), infrared, ZIGBEE®,high frequency audio waves, or the like, is active.

In the example embodiment, the consumer is nearby a merchant location.Once the IOT device detects the user computing device, the IOT devicemay broadcast a notification, via a URL signal, to the user computingdevice. The notification may include a request to exchange data. If theconsumer accepts the request, the IOT device pairs with the usercomputing device. In other embodiments, once the IOT device detects theuser computing device, the IOT device automatically pairs with the usercomputing device. After paring, the IOT device is configured tobroadcast a URL to the user computing device in the form of a URLsignal. When the user computing device receives the URL signal, the hostcomputing device instructs, through the URL signal, the user computingdevice to convert the URL signal into a URL address and to load the URLaddress into the user computing device browser. In some embodiments, theuser computing device may display the loaded URL address in the form ofa list. In other embodiments, the user computing device may display theloaded URL address in any suitable form that enables the consumer toselect the goods and/or services that the merchant offers and make apayment for the selected goods and/or services on the user computingdevice. The URL address enables the consumer to initiate a paymenttransaction from the user computing device.

Once the URL address is loaded, the consumer is able to see a merchant'sURL webpage and select one or more goods and/or services that themerchant offers. In one example, the consumer enters payment details(i.e., the consumer's account information) into the merchant's URLwebpage once the consumer has selected the goods and/or services desiredto be purchased, and the user computing device transmits the informationto the IOT device. In another example, the account information is storedin the user computing device. The user computing device mayautomatically enter such information in to the merchant's URL webpage.Once the account information is entered, the user computing device isconfigured to generate purchase data using the account information, theselected goods and/or services, and merchant data, and to transmit thepurchase data to the IOT device. The IOT device then transmits the datato the merchant computing device. In some embodiments, the merchantcomputing device transmits the purchase data to the host computingdevice. In other embodiments, the user computing device transmits thepurchase data to the host computing device.

In certain embodiments, the IOT device is at an attended merchantlocation. That is, a merchant (e.g., at least a person or a machine,such as a robot) is present and attending the location. The merchantcomputing device receives the purchase data and displays to the merchantthe goods and/or services selected by the consumer. Along with theconsumer's selection, the merchant computing device may display theconsumer identifier included in the purchase data that enables themerchant to identify the consumer in order for the merchant to providethe goods and/or services to the consumer. The merchant may request theconsumer to provide the user computing device or other type ofidentifier (e.g., a payment card associated with the consumer identifiertransmitted) that identifies the consumer as the consumer that selectedthe goods and/or services.

In other embodiments, the IOT device is at an unattended merchantlocation. That is, a merchant is not at the location. The merchantcomputing device receives the purchase data and based on the selectionsubmitted by the consumer, the merchant computing device selects thegoods and/or services that the consumer selected. In one example, theIOT device may be embedded in the merchant computing device. Forinstance, the merchant computing device may be a vending machine. Oncethe IOT device receives the consumer's selection, the IOT device mayinstruct the vending machine to release a product upon the payment ofthe consumer is approved. In another example, the IOT device may beembedded in another type of merchant computing device, such as a parkingmeter and/or a toll booth. Once the IOT device receives the consumer'sselection (e.g., time the consumer desires to park and/or zone number),the IOT device may transmit the selection to the parking meter uponapproval of the consumer payment. In yet another example, the IOT deviceis a standalone device that communicates with the merchant computingdevice.

In the example embodiment, the consumer attempts to make a purchase(e.g., a payment transaction) at a merchant location from their usercomputing device. The consumer enters the consumer account information,such as credit card or debit card information (e.g., a PAN, anexpiration date of the card, a card verification value (CVV) of thecard, or the like), during a checkout process on the merchant's URL pageto purchase the items selected in the merchant's URL page. When theconsumer submits the purchase data, a merchant server associated withthe merchant computing device may transmit an authorization requestmessage. The user computing device or the merchant computing device maygenerate an authorization request message using the purchase data. Theauthorization request message may include the purchase data, a consumerauthentication request, a user computing device authentication request,and/or a merchant computing device authentication request. If theauthorization request message includes at least one authenticationrequest, the authorization request message may be transmitted to andreceived by an authentication service. For example, some known paymentnetworks engage an authentication service, such as a 3-D Secure® (VisaInternational Service Association, Delaware) (3DS) protocol (e.g.,Mastercard SecureCode® (Mastercard International Incorporated, Purchase,N.Y.)) that performs an authentication of a consumer and/or a merchantprior to authorization of the transaction.

In the example embodiment, the merchant computing device identifier,which may be formatted as an extension to an authentication protocol,identifies the merchant computing device from which the paymenttransaction is initiated. Accordingly, in some cases, the merchantcomputing device identifier may include device information associatedwith the IOT device and/or the user computing device. IOT deviceinformation may include information associated with the user computingdevice used during initiation of the payment transaction, such as aunique hardware identifier, or an IP address associated with the device.The authorization request message may further include a “cartidentifier” (or “cart ID”), which is a unique token associated with theitem selected by the consumer on the merchant's URL page (e.g., theparticular items being purchased, the particular step in the checkoutprocess at which the authorization request message was initiated,profile information for a profile associated with the merchant, and thelike).

In some embodiments, the host computing device may be associated with anauthentication service, the payment processor, or an issuer bank. Thehost computing device is configured to receive the authorization requestmessage, for example, from a payment processor included within thepayment processing network or from the merchant computing device,through an Application Programming Interface (API), whichcommunicatively couples the merchant computing device and/or the paymentprocessor to the host computing device. The host computing devicereceives the authorization request message including the user computingdevice identifier, the consumer identifier, and the merchant computingdevice identifier. Using, for example, a lookup table, such as the IOTdata table, the host computing device may determine that the merchantcomputing device is a registered and authorized merchant computingdevice. Using the same table, the host computing device may alsodetermine that the consumer is authorized to perform the paymenttransaction.

For example, the host computing device may compare the stored biometricdata associated with the consumer and the biometric data included in thepurchase data as part of authorization request message. Further, thehost computing device may use merchant-specific or issuer-specific rulesto determine that the merchant computing device is registered andauthorized to perform the transaction and the consumer is authorized toperform the transaction. In some embodiments, the host computing devicereturns an approval response message to the merchant computing deviceand/or the user computing device once the host computing devicedetermines that the merchant computing device is an authorized andregistered merchant computing device in the URL hosted site service, andthe consumer is authorized to perform the payment transaction (e.g., thelegitimate cardholder).

In some embodiments, the host computing device is configured to applyrules that enable temporary access to the merchant's URL page. That is,consumers may not access the merchant's URL page after a predefined timeperiod (e.g., only business hours). The predefined time period may beconfigured by a merchant and/or a user for the host computing device.For example, the merchant may want to allow purchases through themerchant's URL page only for a given day. The merchant's URL page isactive only on that specific day. If a consumer visits that page onanother day (e.g., the merchant's URL page may be stored in the historyof the consumer's user computing device browser), the user computingdevice browser would display an error message indicating, for example,that the merchant's URL page is not available, the merchant location iscurrently not open, and/or the merchant's product and/or services arenot available. If a consumer is able to access the merchant's URL pageafter the predefined period of time, the host computing device isconfigured to identify the consumer as performing fraudulent activity.The host computing device is also configured to send a fraud alert tothe merchant, an issuer bank, and/or an acquiring bank and may block themerchant's URL page.

In other embodiments, the host computing device is configured to applyrules that enable access to the merchant's URL page based on apredefined distance between the IOT device and a user computing device.The predefined distance may be configured by a merchant and/or a user ofthe host computing device. For example, a consumer may be at themerchant location and may access the merchant's URL page. The consumermay or may not purchase a product and/or service offered by themerchant. In this embodiment, once the consumer leaves the merchantlocation, the consumer may not access the merchant's URL page. If theconsumer attempts to access the merchant's URL page, the consumer's usercomputing device displays an error indicating, for example, that themerchant's URL page is not available and/or the consumer is not in themerchant location or nearby this location. If a consumer is able toaccess the merchant's URL not within the predefined distance, the hostcomputing device is configured to identify the consumer as performingfraudulent activity. The host computing device is also configured tosend a fraud alert to the merchant, an issuer bank, and/or an acquiringbank and may block the merchant's URL page.

At least one of the technical problems addressed by this systemincludes: (i) required installment of an application in a user computingdevice to access a merchant's URL webpage; (ii) required manual entry ofa URL location in order to access a merchant's URL webpage; and (iii)inability to detect possible fraudulent activity based on thegeolocation of the merchant computing device.

A technical effect of the systems and processes described herein isachieved by performing at least one of the following steps: (a)receiving first merchant data and first Internet of Technology (TOT)data associated with a merchant computing device that is associated witha merchant and is in communication with an Internet of Technology (TOT)device; (b) enrolling the merchant computing device using the firstmerchant data and the first TOT data; (c) building, in an TOT datatable, an TOT device profile using the first merchant data and the firstTOT data; (d) generating a hosted Uniform Resource Locator (URL)associated with the merchant computing device; (e) pushing the hostedURL, using a URL signal, to a user computing device via the TOT device,wherein the URL signal is associated with the merchant, and wherein thehosted URL is pushed when the user computing device is paired to the TOTdevice; (f) instructing the user computing device to convert the URLsignal into a URL address, wherein the URL address is configured todirect a browser of the user computing device to a URL page associatedwith the merchant; and (g) instructing the user computing device to loadthe URL address in the browser and display the URL page to a consumerassociated with the user computing device.

As used herein, the term “authentication” (or an “authenticationprocess”) is used generally to refer to a process conducted on a paymenttransaction prior to the “authorization” of a transaction (or an“authorization process”). At least one purpose of the authenticationprocess is to evaluate whether or not the person conducting thetransaction is actually a person privileged to use the payment cardpresented in the transaction. An authentication process may be used toreduce fraudulent transactions, and thus protect one or more parties tothe transaction (e.g., the merchant, or the issuer of the payment card).

As used herein, a processor may include any programmable systemincluding systems using micro-controllers, reduced instruction setcircuits (RISC), application specific integrated circuits (ASICs), logiccircuits, and any other circuit or processor capable of executing thefunctions described herein. The above examples are example only, and arethus not intended to limit in any way the definition and/or meaning ofthe term “processor.”

As used herein, the terms “software” and “firmware” are interchangeable,and include any computer program stored in memory for execution by aprocessor, including RAM memory, ROM memory, EPROM memory, EEPROMmemory, and non-volatile RAM (NVRAM) memory. The above memory types areexample only, and are thus not limiting as to the types of memory usablefor storage of a computer program.

In one embodiment, a computer program is provided, and the program isembodied on a computer readable medium. In an example embodiment, thesystem is executed on a single computer system, without requiring aconnection to a sever computer. In a further embodiment, the system isbeing run in a Windows® environment (Windows is a registered trademarkof Microsoft Corporation, Redmond, Wash.). In yet another embodiment,the system is run on a mainframe environment and a UNIX® serverenvironment (UNIX is a registered trademark of X/Open Company Limitedlocated in Reading, Berkshire, United Kingdom). The application isflexible and designed to run in various different environments withoutcompromising any major functionality. In some embodiments, the systemincludes multiple components distributed among a plurality of computingdevices. One or more components may be in the form ofcomputer-executable instructions embodied in a computer-readable medium.The systems and processes are not limited to the specific embodimentsdescribed herein. In addition, components of each system and eachprocess can be practiced independent and separate from other componentsand processes described herein. Each component and process can also beused in combination with other assembly packages and processes.

As used herein, the terms “transaction card,” “financial transactioncard,” “payment card,” and “payment device” refer to any suitabletransaction card, such as a credit card, a debit card, a prepaid card, acharge card, a membership card, a promotional card, a frequent flyercard, an identification card, a prepaid card, a gift card, and/or anyother device that may hold payment account information, such as mobilephones, Smartphones, personal digital assistants (PDAs), wearablecomputing devices, key fobs, digital wallets, and/or computers. Eachtype of transactions card can be used as a method of payment forperforming a transaction. As used herein, the term “payment account” isused generally to refer to the underlying account with the paymentdevice. In addition, consumer behavior can include but is not limited topurchases, management activities (e.g., balance checking), billpayments, achievement of targets (meeting account balance goals, payingbills on time), and/or product registrations (e.g., mobile applicationdownloads).

The following detailed description illustrates embodiments of thedisclosure by way of example and not by way of limitation. It iscontemplated that the disclosure has general application to processingfinancial transaction data by a third party in industrial, commercial,and residential applications.

As used herein, an element or step recited in the singular and precededwith the word “a” or “an” should be understood as not excluding pluralelements or steps, unless such exclusion is explicitly recited.Furthermore, references to “example embodiment” or “one embodiment” ofthe present disclosure are not intended to be interpreted as excludingthe existence of additional embodiments that also incorporate therecited features.

FIG. 1 is a schematic diagram illustrating an example multi-partypayment card processing system 120 for enabling payment-by-cardtransactions between merchants 124, consumers 122, and issuer 130.Embodiments described herein may relate to a transaction card system,such as a credit card payment system using the Mastercard® interchangenetwork. The Mastercard® interchange network is a set of proprietarycommunications standards promulgated by Mastercard InternationalIncorporated® for the exchange of financial transaction data and thesettlement of funds between financial institutions that are registeredwith Mastercard International Incorporated®. (Mastercard is a registeredtrademark of Mastercard International Incorporated located in Purchase,N.Y.).

In the payment card processing system, a financial institution calledthe “issuer” issues a transaction card or electronic payments accountidentifier, such as a credit card, to a consumer or consumer 122, whouses the transaction card to tender payment for a purchase from amerchant 124. To accept payment with the transaction card, merchant 124must normally establish an account with a financial institution that ispart of the financial payment system. This financial institution isusually called the “merchant bank,” the “acquiring bank,” or the“acquirer.” When consumer 122 tenders payment for a purchase with atransaction card, merchant 124 requests authorization from a merchantbank 126 for the amount of the purchase. The request may be performedover the telephone, but is usually performed through the use of apoint-of-sale terminal, which reads consumer's 122 account informationfrom a magnetic stripe, a chip, or embossed characters on thetransaction card and communicates electronically with the transactionprocessing computers of merchant bank 126. Alternatively, merchant bank126 may authorize a third party to perform transaction processing on itsbehalf. In this case, the point-of-sale terminal will be configured tocommunicate with the third party. Such a third party is usually called a“merchant processor,” an “acquiring processor,” or a “third partyprocessor.”

Using an interchange network 128, computers of merchant bank 126 ormerchant processor will communicate with computers of an issuer 130 todetermine whether consumer account 132 associated with consumer 122 isin good standing and whether the purchase is covered by consumer's 122available credit line. Based on these determinations, the request forauthorization will be declined or accepted. If the request is accepted,an authorization code is issued to merchant 124.

When a request for authorization is accepted, the available credit lineof consumer account 132 is decreased. Normally, a charge for a paymentcard transaction is not posted immediately to consumer account 132because bankcard associations, such as Mastercard InternationalIncorporated®, have promulgated rules that do not allow merchant 124 tocharge, or “capture,” a transaction until goods are shipped or servicesare delivered. However, with respect to at least some debit cardtransactions, a charge may be posted at the time of the transaction.When merchant 124 ships or delivers the goods or services, merchant 124captures the transaction by, for example, appropriate data entryprocedures on the point-of-sale terminal. This may include bundling ofapproved transactions daily for standard retail purchases. If consumer122 cancels a transaction before it is captured, a “void” is generated.If consumer 122 returns goods after the payment transaction has beencaptured, a “credit” is generated. Interchange network 128 and/or issuer130 stores the transaction card information, such as a category ofmerchant, a merchant identifier, a location where the transaction wascompleted, amount of purchase, and date and time of transaction, in adatabase 220 (shown in FIG. 2).

After a purchase has been made, a clearing process occurs to transferadditional transaction data related to the purchase among the parties tothe transaction, such as merchant bank 126, interchange network 128, andissuer 130. More specifically, during and/or after the clearing process,additional data, such as a time of purchase, a merchant name, a type ofmerchant, purchase information, consumer account information, a type oftransaction, information regarding the purchased item and/or service,and/or other suitable information, is associated with a transaction andtransmitted between parties to the transaction as transaction data, andmay be stored by any of the parties to the transaction.

For debit card transactions, when a request for a personalidentification number (PIN) authorization is approved by the issuer,consumer account 132 is decreased. Normally, a charge is postedimmediately to consumer account 132. The payment card association thentransmits the approval to the acquiring processor for distribution ofgoods/services or information, or cash in the case of an automatedteller machine (ATM).

After a transaction is authorized and cleared, the transaction issettled among merchant 124, merchant bank 126, and issuer 130.Settlement refers to the transfer of financial data or funds amongmerchant's 124 account, merchant bank 126, and issuer 130 related to thetransaction. Usually, transactions are captured and accumulated into a“batch,” which is settled as a group. More specifically, a transactionis typically settled between issuer 130 and interchange network 128, andthen between interchange network 128 and merchant bank 126, and thenbetween merchant bank 126 and merchant 124.

In some embodiments, consumer 122 registers one or more payment cardswith a digital wallet. Having done this, consumer 122 can interact witha participating online merchant 124. At the check-out stage, onlinemerchant 124 displays a button on the merchant website which consumer122 can click on in order to make a payment using the consumer's 122digital wallet. Online merchant 124 then redirects consumer 122 to a“switch” operated by interchange network 128. Using a cookie located onthe consumer's 122 computer, the “switch” is able to determine whichwallet-hosting server hosts a wallet associated with consumer 122. Theswitch then establishes a connection between consumer's 122 computer andthe appropriate wallet-hosting system, which presents consumer 122 witha sign-in page (e.g., as a pop-up window), where there is anauthentication process (e.g., entry of a pre-agreed password). Thislog-in process may use the same login credentials (e.g., password) whichconsumer 122 also uses to obtain access to other online bankingactivities.

The wallet-hosting system then securely transfers the consumer's 122payment information to the online merchant's domain. The merchant'sdomain submits the consumer's 122 payment information to merchant bank126 for a separate authorization process in which the acquiring domaincommunicates with the issuer 130 to ask the bank to authorize thetransaction. Thus, consumer 122 is not required to enter their carddetails (except at the stage of initially registering with thewallet-hosting system), and the online transaction process isstreamlined with only a single redirection, and consistent branding forthe entire payment process, irrespective of the online merchant 124.

In some embodiments, a unique identifier is provided to consumer 122.The unique identifier is different from the number associated withconsumer account 132. In these embodiments, interchange network 128stores the unique identifier in database 220 along with consumer account132. When interchange network 128 receives the unique identifier,interchange network 128 determines the associated consumer account 132and uses that information in processing the payment transaction.

FIG. 2 is a simplified block diagram of an example host system 200, inwhich a variety of computing devices are communicatively coupled to eachother via a plurality of network connections. These network connectionsmay be Internet, LAN/WAN, or other connections capable of transmittingdata across computing devices. Host system 200 includes host computingdevice 250 and database server 216. In one embodiment, host computingdevice 250 and database server 216 are components of server system 212.Server system 212 may be a server, a network of multiple computerdevices, a virtual computing device, or the like. Host computing device250 may be connected to at least one merchant computing device 224, andan issuer computing device 230 via at least a payment processor 210.

Database server 216 is connected to database 220, which containsinformation on a variety of matters, as described below in greaterdetail. In one embodiment, database 220 is stored on server system 212and can be accessed by potential users of server system 212. In analternative embodiment, database 220 is stored remotely from serversystem 212 and may be non-centralized. Database 220 may include a singledatabase having separated sections or partitions or may include multipledatabases, each being separate from each other. Database 220 is incommunication with host computing device 250 and may store transactiondata and purchase data associated with consumer account 132 (shown inFIG. 1) associated with consumer 122.

The purchase data may include payment transactions initiated by consumer122 using a payment device (e.g., a payment card, digital wallet, mobilepayment, etc.) associated with a particular transaction processingnetwork. That is, the purchase data may include, among other datapoints, data associated with consumer 122 and merchant 124 (shown inFIG. 1) involved in the payment transaction. For example, the purchasedata may include one or more of: a consumer identifier, consumerbiometric data, a merchant identifier, a merchant computing deviceidentifier, consumer account data, a transaction amount, a time and dateof the transaction, data descriptive of the purchase, a location of thetransaction, and Internet of Technology (IOT) data.

Host computing device 250 is configured to perform a lookup withindatabase 220 to retrieve stored account data and compare the storedaccount data to the purchase data. The stored account data may includeconsumer account information, such as credit card or debit cardinformation (e.g., a PAN an expiration date, a card verification value(CVV), or the like), an encrypted consumer address, an encrypted date ofbirth, and historical purchase data. Once host computing device 250 hasretrieved the stored account data, the host computing device compilesthe purchase data and the stored data, and generates transaction data.The transaction data may include the stored account data and thepurchase data. In general, the stored account data included in thetransaction data is the matched data from the comparison of the storeddata to the purchase data. Host computing device 250 is also configuredto transmit the transaction data to payment processor 210, whichprocesses payment transactions using the transaction data. In theexample embodiment, host computing device 250 includes the transactiondata in an authorization request message. The host computing device isfurther configured to generate and transmit the authorization requestmessage to an issuer bank.

Host computing device 250 is also configured to generate a URLassociated with merchant 124 registered to a URL hosted site service.Merchant 124 may register to the service by accessing host computingdevice 250 via a network, such as the Internet. At the time ofregistration, merchant 124 may provide some merchant data, such as themerchant's business address, the merchant's business name, themerchant's segment of sales (e.g., type of goods and/or service that themerchant sells), and/or any other information related to merchant 124and the merchant's business. Additionally, at the time of registrationof merchant 124, host computing device 250 may assign to merchant 124 amerchant identifier and a merchant computing device identifier tomerchant computing device 224. Host computing device 250 may alsocapture the merchant computing device Internet Protocol (IP) addressand/or other data associated with merchant computing device 224. Duringand/or after registration, host computing device 250 stores theinformation assigned to and captured from merchant 124 and merchantcomputing device 224.

Host computing device 250 is further configured to receive a geolocationof merchant computing device 224 along with the purchase data. Thegeolocation is captured and transmitted to merchant computing device 124by IOT device 510 (shown in FIG. 5). In one example, once host computingdevice 250 receives the geolocation, host computing device 250 maycompare the received geolocation to a stored geolocation. Host computingdevice 250 uses the comparison to determine whether merchant computingdevice 224 is an authorized registered merchant computing device in theURL hosted site service. In one embodiment, a merchant 124 is associatedwith merchant computing device 224 and may access host computing device250 to indicate a location where merchant computing device 224 is and/oris going to be located. Host computing device 250 is configured toperform the comparison using the indicated location. In anotherembodiment, host computing device 250 is configured to perform thecomparison using a stored default location associated with merchantcomputing device 224. In yet another embodiment, host computing device250 is configured to perform the comparison using a location associatedwith an IOT device profile.

In another example, host computing device 250 may determine thatmerchant computing device 224 is an authorized registered merchantcomputing device by comparing the merchant identifier included in thepurchase data to a stored merchant identifier. In yet another example,host computing device 250 may determine that merchant computing device224 is an authorized registered merchant computing device by comparingthe merchant computing device identifier in the purchase data to astored merchant computing device identifier. In another example, thehost computing device may use other purchase data associated withmerchant 124 in order to determine that merchant computing device 224 isan authorized registered merchant computing device.

If merchant computing device 224 is registered and authorized, hostcomputing device 250 transmits an approval response message to merchantcomputing device 224 and processes the payment transaction. Hostcomputing device 250 may additionally transmit consumer data included inthe purchase data, such as the consumer identifier, the consumerbiometric data, or the like, to an issuer computing device 230. Issuercomputing device 230 may use this data to confirm that consumer 122 isauthorized to perform the transaction.

In the example embodiment, host computing device 250 may build rulesaround IOT device 510. That is, host computing device 250 collects IOTdata from IOT device 510 via merchant computing device 224, stores theIOT data within database 220, retrieves the stored IOT data, builds aprofile for IOT device 510, and stores the profile in an IOT data table728 (shown in FIG. 7). The IOT data may include a merchant computingdevice 224 geolocation, a time merchant computing device 224 is at thatgeolocation, user computing device 222 geolocation, number of usercomputing devices 222 in communication and/or that have been incommunication with IOT device 510, user computing device identifiers foreach user computing device 222 that is in communication or has been incommunication with IOT device 510, an IOT device identifier, and otherIOT data that host computing device 250 may require from IOT device 510.During and/or after collecting the IOT data, host computing device 250may store the IOT data within database 220.

The IOT device profile may indicate the most frequent times that IOTdevice 510 is at a specific location. This profile may also indicatewhich times are busy or slow for merchant 124. For example, if at sometime during a day none or few user computing devices 222 are incommunication with IOT device 510, host computing device 250 maydetermine that the time is a slow time. Conversely, if at some timeduring that day a large amount of user computing devices 222 are incommunication with IOT device 510, host computing device 250 maydetermine that the time is a busy time. Host computing device 250 may beconfigured to use the IOT device profile and/or other data to determinethat merchant computing device 224 is an authorized registered merchantcomputing device in the URL hosted site service. For example, if hostcomputing device 250 compares the received IOT data to the stored IOTdata and matches the received IOT data with the stored IOT data, hostcomputing device 250 determines that merchant computing device 224 is anauthorized registered merchant computing device in the URL hosted siteservice.

In some embodiments, host computing device 250 may be associated with anauthentication service, the payment processor 210, or an issuer 130(shown in FIG. 1). Host computing device 250 is configured to receivethe authorization request message, for example, from payment processor210 included within in payment processing network, such as interchangenetwork 128 (shown in FIG. 1), or from merchant computing device 224,through an Application Programming Interface (API), whichcommunicatively couples merchant computing device 224 and/or paymentprocessor 210 to host computing device 250. Host computing device 250receives the authorization request message including a user computingdevice identifier, a consumer identifier, and a merchant computingdevice identifier. Using, for example, a lookup table, such as IOT datatable 728 (shown in FIG. 7), host computing device 250 may determinemerchant computing device 224 is a registered and authorized merchantcomputing device. Using the same table, host computing device 250 mayalso determine that consumer 122 is authorized to perform the paymenttransaction.

For example, host computing device 250 may compare the stored biometricdata associated with consumer 22 and the biometric data included in thepurchase data as part of authorization request message. Further, hostcomputing device 250 may use merchant-specific or issuer-specific rulesto determine that merchant computing device 224 is registered andauthorized to perform the transaction and consumer 122 is authorized toperform the transaction. In some embodiments, host computing device 250returns an approval response message to merchant computing device 224and/or user computing device 222 once host computing device 250determines that merchant computing device 224 is an authorized andregistered merchant computing device in the URL hosted site service, andconsumer 122 is authorized to perform the payment transaction (e.g., thelegitimate cardholder).

FIG. 3 illustrates an example configuration of a user system 302, suchas user computing device 222 (shown in FIG. 2) configured to transmitdata to host computing device 250 (shown in FIG. 2). User system 302 mayinclude, but is not limited to, user computing device 222. In theexample embodiment, user system 302 includes a processor 305 forexecuting instructions. In some embodiments, executable instructions arestored in a memory 310. Processor 305 may include one or more processingunits, for example, a multi-core configuration. Memory 310 is any deviceallowing information such as executable instructions and/or writtenworks to be stored and retrieved. Memory 310 may include one or morecomputer readable media.

User system 302 also includes at least one media output component 315for presenting information to user 301. User 301 may include, but is notlimited to, consumer 122 (shown in FIG. 1). Media output component 315is any component capable of conveying information to user 301. Forexample, media output component 315 may be a display componentconfigured to display component lifecycle data in the form of reports,dashboards, communications, and the like. In some embodiments, mediaoutput component 315 includes an output adapter such as a video adapterand/or an audio adapter. An output adapter is operatively coupled toprocessor 305 and operatively connectable to an output device such as adisplay device, a liquid crystal display (LCD), organic light emittingdiode (OLED) display, or “electronic ink” display, or an audio outputdevice, a speaker or headphones.

In some embodiments, user system 302 includes an input device 320 forreceiving input from user 301. Input device 320 may include, forexample, a keyboard, a pointing device, a mouse, a stylus, a touchsensitive panel, a touch pad, a touch screen, a gyroscope, anaccelerometer, a position detector, an audio input device, a fingerprintreader/scanner, a palm print reader/scanner, a iris reader/scanner, aretina reader/scanner, a profile scanner, or the like. A singlecomponent, such as a touch screen, may function as both an output deviceof media output component 315 and input device 320. A single component,such as a touch screen, may function as both an output device of mediaoutput component 315 and input device 320. User system 302 may alsoinclude a communication interface 325, which is communicativelyconnectable to a remote device such as server system 212 (shown in FIG.2). Communication interface 325 may include, for example, a wired orwireless network adapter or a wireless data transceiver for use with amobile phone network (e.g., Global System for Mobile communications(GSM), 3G, 4G or Bluetooth™) or other mobile data network (e.g.,Worldwide Interoperability for Microwave Access (WIMAX)).

Stored in memory 310 are, for example, computer readable instructionsfor providing a user interface to user 301 via media output component315 and, optionally, receiving and processing input from input device320. A user interface may include, among other possibilities, a webbrowser, and client application. Web browsers enable users, such as user301, to display and interact with media and other information typicallyembedded on a web page or a website from server system 212. A clientapplication allows user 301 to interact with a server application fromserver system 212.

FIG. 4 illustrates an example configuration of a server system 401, suchas server system 212 (shown in FIG. 2) that includes host computingdevice 250 (shown in FIG. 2). Server system 401 may include, but is notlimited to, database server 216 (shown in FIG. 2) or host computingdevice 250. In some embodiments, server system 401 is similar to serversystem 212.

Server system 401 includes a processor 405 for executing instructions.Instructions may be stored in a memory 410, for example. Processor 405may include one or more processing units (e.g., in a multi-coreconfiguration) for executing instructions. The instructions may beexecuted within a variety of different operating systems on the serversystem 401, such as UNIX®, LINUX® (LINUX is a registered trademark ofLinus Torvalds), Microsoft Windows®, etc. More specifically, theinstructions may cause various data manipulations on data stored instorage device 434 (e.g., create, read, update, and delete procedures).It should also be appreciated that upon initiation of a computer-basedmethod, various instructions may be executed during initialization. Someoperations may be required in order to perform one or more processesdescribed herein, while other operations may be more general and/orspecific to a particular programming language (e.g., C, C#, C++, Java,or other suitable programming languages, etc.).

Processor 405 is operatively coupled to a communication interface 415such that server system 401 is capable of communicating with a remotedevice, such as a user system or another server system 401. For example,communication interface 415 may receive communications from issuercomputing device via a plurality of network connections, as illustratedin FIG. 2.

Processor 405 may also be operatively coupled to a storage device 434.Storage device 434 is any computer-operated hardware suitable forstoring and/or retrieving data. In some embodiments, storage device 434is integrated in server system 401. In other embodiments, storage device434 is external to server system 401 and is similar to database 220(shown in FIG. 2). For example, server system 401 may include one ormore hard disk drives as storage device 434. In other embodiments,storage device 434 is external to server system 401 and may be accessedby a plurality of server systems 401. For example, storage device 434may include multiple storage units such as hard disks or solid statedisks in a redundant array of inexpensive disks (RAID) configuration.Storage device 434 may include a storage area network (SAN) and/or anetwork attached storage (NAS) system.

In some embodiments, processor 405 is operatively coupled to storagedevice 434 via a storage interface 420. Storage interface 420 is anycomponent capable of providing processor 405 with access to storagedevice 434. Storage interface 420 may include, for example, an AdvancedTechnology Attachment (ATA) adapter, a Serial ATA (SATA) adapter, aSmall Computer System Interface (SCSI) adapter, a RAID controller, a SANadapter, a network adapter, and/or any component providing processor 405with access to storage device 434.

Memory 410 may include, but is not limited to, random access memory(RAM) such as dynamic RAM (DRAM) or static RAM (SRAM), read-only memory(ROM), erasable programmable read-only memory (EPROM), electricallyerasable programmable read-only memory (EEPROM), and non-volatile RAM(NVRAM). The above memory types are exemplary only, and are thus notlimiting as to the types of memory usable for storage of a computerprogram.

FIG. 5 is a simplified diagram illustrating the flow of data betweenvarious components of a host system 200, shown in FIG. 2. In the exampleembodiment, a consumer 502 (who may be similar to consumer 122, shown inFIG. 1) has a user computing device 504 (which may be similar to usercomputing device 222, shown in FIG. 2) associated with a consumeraccount 132 (shown in FIG. 1), as described above. In the exampleembodiment, consumer 502 visits a merchant location and merchant 124(shown in FIG. 1) associated with the merchant location uses IOT device510 in communication with merchant computing device 506 (which may besimilar to merchant computing device 224, shown in FIG. 2). Hostcomputing device 250 is configured to transmit a URL to user computingdevice 504, via IOT device 510. The URL includes a list of goods and/orservices that merchant 124 offers. In some embodiments, the URL alsoincludes the price for each good and/or service included in the list.IOT device 510 obtains this list from the host computing device viamerchant computing device 506. The transmission is initiated when IOTdevice 510 detects user computing device 504. In order for usercomputing device 504 to receive the transmission, user computing device504 requires being detectable by IOT device 510. User computing device504 is detectable if one or more of its wireless communicationapplications, such as Bluetooth™, Wi-Fi, or the like, is active.

In the example embodiment, consumer 502 is nearby a merchant location.Once IOT device 510 detects user computing device 504, IOT device 510may broadcast a notification, via a URL signal, to user computing device504. The notification may include a request to exchange data. Ifconsumer 502 accepts the request, IOT device 510 pairs with usercomputing device 504. In other embodiments, once IOT device 510 detectsuser computing device 504, IOT device 510 automatically pairs with usercomputing device 504. After paring, IOT device 510 is configured tobroadcast a URL to user computing device 504 in the form of a URLsignal. When user computing device 504 receives the URL signal, hostcomputing device 250 instructs, through the URL signal, user computingdevice 504 to convert the URL signal into a URL address and to load theURL address into user computing device's 504 browser. In someembodiments, user computing device 504 may display the loaded URLaddress in the form of a list. In other embodiments, user computingdevice 504 may display the loaded URL address in any suitable form thatenables consumer 502 to select the goods and/or services that merchant124 offers and make a payment for the selected goods and/or services onuser computing device 504. The URL address enables consumer 502 toinitiate a payment transaction from user computing device 504.

Once the URL address is loaded, consumer 502 is able to see merchant's124 URL webpage and select one or more goods and/or services thatmerchant 124 offers. In one example, consumer 502 enters payment details(i.e., the consumer's account information) into merchant's 124 URLwebpage once consumer 502 has selected the goods and/or services desiredto be purchased, and user computing device 504 transmits the informationto IOT device 510. In another example, the account information is storedin user computing device 504. User computing device 504 mayautomatically enter such information in to merchant's 124 URL webpage.Once the account information is entered, user computing device 504 isconfigured to generate purchase data using the account information, theselected goods and/or services, and merchant data, and to transmit thepurchase data IOT device 510. The IOT device then transmits the data tomerchant computing device 506. In some embodiments, merchant computingdevice 506 transmits the purchase data to host computing device 250. Inother embodiments, user computing device 504 transmits the purchase datato host computing device 250.

In certain embodiments, IOT device 510 is at an attended merchantlocation. That is, merchant 124 (e.g., at least a person or a machine,such as a robot) is present and attending the location. Merchantcomputing device 506 receives the purchase data and displays to merchant124 the goods and/or services selected by the consumer 502. Along withconsumer's 502 selection, merchant computing device 506 may display theconsumer identifier included in the purchase data that enables merchant124 to identify consumer 502 in order for merchant 124 to provide thegoods and/or services to consumer 502. Merchant 124 may request consumer502 to provide user computing device or other type of identifier (e.g.,a payment card associated with the consumer identifier transmitted) thatidentifies consumer as the consumer 502 that selected the goods and/orservices.

In other embodiments, IOT device 510 is at an unattended merchantlocation. That is, merchant 124 is not at the location. Merchantcomputing device 506 receives the purchase data and based on theselection submitted by consumer 502, merchant computing device 506selects the goods and/or services that consumer 502 selected. In oneexample, IOT device 510 may be embedded in merchant computing device506. For instance, merchant computing device 506 may be a vendingmachine. Once IOT device 510 receives consumer's 502 selection, IOTdevice 510 may instruct the vending machine to release a product uponthe payment of consumer 502 is approved. In another example, IOT device510 may be embedded in another type of merchant computing device, suchas a parking meter and/or a toll booth. Once the IOT device receivesconsumer's 502 selection (e.g., time the consumer desires to park and/orzone number), IOT device 510 may transmit the selection to the parkingmeter upon approval of consumer 502 payment. In yet another example, IOTdevice 510 is a standalone device that communicates with merchantcomputing device 506.

In the example embodiment, consumer 502 attempts to make a purchase(e.g., a payment transaction) at a merchant location from their usercomputing device 504. Consumer 502 enters the consumer accountinformation, such as credit card or debit card information (e.g., a PAN,an expiration date of the card, a card verification value (CVV) of thecard, or the like), during a checkout process on merchant's 124 URL pageto purchase the items selected in merchant's 124 URL page. When consumer502 submits the purchase data, a merchant server associated withmerchant computing device 506 may transmit an authorization requestmessage. User computing device 504 or merchant computing device 506 maygenerate an authorization request message using the purchase data. Theauthorization request message may include the purchase data, a consumerauthentication request, a user computing device authentication request,and/or a merchant computing device authentication request. If theauthorization request message includes at least one authenticationrequest, host computing device 250 may transmit the authorizationrequest to an authentication service. For example, some known paymentnetworks engage an authentication service, such as a 3-D Secure® (VisaInternational Service Association, Del.) (3DS) protocol (e.g.,Mastercard SecureCode® (Mastercard International Incorporated, Purchase,N.Y.)) that performs an authentication of a consumer and/or a merchantprior to authorization of the transaction. Host computing device 250 mayalso transmit the authorization request message to issuer computingdevice 230. Issuer computing device 230 and/or the authenticationservice may transmit an authentication response message in response tothe authentication request message. The authentication response messagemay include a denial or an approval of the payment transaction initiatedby consumer 502.

FIG. 6 is a flow chart of a process 600 for pushing hosted URLs tomobile computing devices using host system 200 shown in FIG. 2. In theexample embodiment, process 600 is performed by host computing device250 (shown in FIG. 2). Method 600 includes receiving 602 first merchantdata and first Internet of Technology (IOT) data associated with amerchant computing device that is associated with a merchant and is incommunication with an Internet of Technology (IOT) device. Method 600also includes enrolling 604 the merchant computing device using thefirst merchant data and the first IOT data, building 606, in an IOT datatable, an IOT device profile using the first merchant data and the firstIOT data, and generating 608 a hosted Uniform Resource Locator (URL)associated with the merchant computing device. Method 600 furtherincludes pushing 610 the hosted URL, using a URL signal, to a usercomputing device via the IOT device, wherein the URL signal isassociated with the merchant, and wherein the hosted URL is pushed whenthe user computing device is paired to the IOT device. Method 600 alsoincludes instructing 612 the user computing device to convert the URLsignal into a URL address, wherein the URL address is configured todirect a browser of the user computing device to a URL page associatedwith the merchant, and instructing 614 the user computing device to loadthe URL address in the browser and display the URL page to a consumerassociated with the user computing device.

FIG. 7 illustrates an example configuration of a host computing device250 (also shown in FIG. 2) for pushing hosted Universal ResourceLocators (URLs) to mobile computing devices. Host computing device 250may include, but is not limited to, processor 705 for executinginstructions. In some embodiments, processor 705 is similar to processor405 (shown in FIG. 4). In the example embodiment, host computing device250 includes executable instructions that are stored in a memory area710. Processor 705 may include one or more processing units, forexample, a multi-core configuration. Memory area 710 is any deviceallowing information such as executable instructions and/or writtenworks to be stored and retrieved. Memory area 710 may include one ormore computer readable media.

Host computing device 250 includes a processor 705 for executinginstructions. Instructions may be stored in a memory area 710, forexample. Processor 705 may include one or more processing units (e.g.,in a multi-core configuration) for executing instructions. Theinstructions may be executed within a variety of different operatingsystems on Host computing device 250, such as UNIX®, LINUX® (LINUX is aregistered trademark of Linus Torvalds), Microsoft Windows®, etc. Morespecifically, the instructions may cause various data manipulations onan Internet of Technology (JOT) data table 728 (e.g., create, read,update, and delete data). It should also be appreciated that uponinitiation of a computer-based method, various instructions may beexecuted during initialization. Some operations may be required in orderto perform one or more processes described herein, while otheroperations may be more general and/or specific to a particularprogramming language (e.g., C, C#, C++, Java, or other suitableprogramming languages, etc.).

Processor 705 is operatively coupled to a communication interface (notshown) such that host computing device 250 is capable of communicatingwith a remote device, such as payment processor 210 (shown in FIG. 2).For example, communication interface may receive communications fromissuer computing device 230 (shown in FIG. 2) associated with issuer 130via the Internet, as illustrated in FIG. 1.

Processor 705 may also be operatively coupled to a storage device 720.Storage device 720 is any computer-operated hardware suitable forstoring and/or retrieving data. In some embodiments, storage device 720is integrated in host computing device 250. In other embodiments,storage device 720 is external to host computing device 250 and issimilar to storage device 434 (shown in FIG. 4). For example, hostcomputing device 250 may include one or more hard disk drives as storagedevice 434. In other embodiments, storage device 720 is external to hostcomputing device 250 and may be accessed by a plurality of hostcomputing devices 250. For example, storage device 720 may includemultiple storage units such as hard disks or solid state disks in aredundant array of inexpensive disks (RAID) configuration. Storagedevice 720 may include a storage area network (SAN) and/or a networkattached storage (NAS) system.

In some embodiments, processor 705 is operatively coupled to storagedevice 720 via a storage interface 722. Storage interface 722 is anycomponent capable of providing processor 705 with access to storagedevice 720. Storage interface 722 may include, for example, an AdvancedTechnology Attachment (ATA) adapter, a Serial ATA (SATA) adapter, aSmall Computer System Interface (SCSI) adapter, a RAID controller, a SANadapter, a network adapter, and/or any component providing processor 705with access to storage device 720.

In certain embodiments, processor 705 is configured to instruct hostcomputing device 250 to build an IOT device profile in IOT data table728 using stored extract Internet of Technology (IOT) data. Processor705 is also configured to instruct host computing device 250 to parsetransaction data stored within storage device 720, extract the IOT datafrom the transaction data, and continuously update IOT data table 728using the IOT data. Processor 705 is further configured to instruct hostcomputing device 250 to build an IOT device profile using the IOT data.This profile may indicate the most frequent times that IOT device 510(shown in FIG. 5) is at a specific location or that the user device isat the specific location as identified by or when paired to the IOTdevice 510. This profile may also indicate which times are busy or slowfor merchant 124 (shown in FIG. 1). For example, if at some time duringa day none or few user computing devices, such as user computing device222 (shown in FIG. 2), are connected to IOT device 510, host computingdevice 250 may determine that the time is a slow time. Conversely, if atsome time during that day a large amount of user computing devices areconnected to IOT device 510, host computing device 250 may determinethat the time is a busy time. Host computing device 250 may beconfigured to use the IOT device profile and/or other data to determinethat merchant computing device 224 (shown in FIG. 2) is an authorizedregistered merchant computing device in the URL hosted site service. Forexample, if host computing device 250 compares the received IOT data tothe stored IOT data and matches the received IOT data with the storedIOT data, host computing device 250 determines that merchant computingdevice 224 is an authorized registered merchant computing device in theURL hosted site service.

Processor 705 may also instruct host computing device 250 to update IOTdata table 728 every time the transaction data associated with a storedIOT device profile is received.

Memory area 710 may include, but is not limited to, random access memory(RAM) such as dynamic RAM (DRAM) or static RAM (SRAM), read-only memory(ROM), erasable programmable read-only memory (EPROM), electricallyerasable programmable read-only memory (EEPROM), and non-volatile RAM(NVRAM). The above memory types are exemplary only, and are thus notlimiting as to the types of memory usable for storage of a computerprogram.

FIG. 8 is a diagram 800 of components of one or more example computingdevices that may be used in host system 200 shown in FIG. 2. In someembodiments, computing device 810 is similar to host computing device250 (shown in FIG. 2). Database 820 may be coupled with several separatecomponents within computing device 810, which perform specific tasks. Inthis embodiment, database 820 includes transaction data 822, IOT data824, and authorization data 826. In some embodiments, database 820 issimilar to database 220 (shown in FIG. 2).

Computing device 810 includes database 820, as well as data storagedevices 830. Computing device 810 also includes a communicationscomponent 840 for receiving 602 purchase data and pushing 610 (bothshown in FIG. 6) a hosted URL, using a URL signal, to user computingdevice 222 (shown in FIG. 2) via IOT device 510 (shown in FIG. 5).Computing device 810 also includes a generating component 850 forgenerating 608 (shown in FIG. 6) a URL with embedded instructions foruser computing device 222 and IOT device 510. Computing device 810further includes a building component 860 for building 606 an IOT deviceprofile in IOT data table 728 (shown in FIG. 7).

Having described aspects of the disclosure in detail, it will beapparent that modifications and variations are possible withoutdeparting from the scope of aspects of the disclosure as defined in theappended claims. As various changes could be made in the aboveconstructions, products, and methods without departing from the scope ofaspects of the disclosure, it is intended that all matter contained inthe above description and shown in the accompanying drawings shall beinterpreted as illustrative and not in a limiting sense.

While the disclosure has been described in terms of various specificembodiments, those skilled in the art will recognize that the disclosurecan be practiced with modification within the spirit and scope of theclaims.

As used herein, the term “non-transitory computer-readable media” isintended to be representative of any tangible computer-based deviceimplemented in any method or technology for short-term and long-termstorage of information, such as, computer-readable instructions, datastructures, program modules and sub-modules, or other data in anydevice. Therefore, the methods described herein may be encoded asexecutable instructions embodied in a tangible, non-transitory, computerreadable medium, including, without limitation, a storage device, and/ora memory device. Such instructions, when executed by a processor, causethe processor to perform at least a portion of the methods describedherein. Moreover, as used herein, the term “non-transitorycomputer-readable media” includes all tangible, computer-readable media,including, without limitation, non-transitory computer storage devices,including, without limitation, volatile and nonvolatile media, andremovable and non-removable media such as a firmware, physical andvirtual storage, CD-ROMs, DVDs, and any other digital source such as anetwork or the Internet, as well as yet to be developed digital means,with the sole exception being a transitory, propagating signal.

As will be appreciated based on the foregoing specification, theabove-described embodiments of the disclosure may be implemented usingcomputer programming or engineering techniques including computersoftware, firmware, hardware or any combination or subset thereof,wherein the technical effect is a flexible and secure system for variousaspects of online payment transaction by pushing hosted URLs, using aURL signal, to mobile computing devices. Any such resulting program,having computer-readable code means, may be embodied or provided withinone or more computer-readable media, thereby making a computer programproduct, i.e., an article of manufacture, according to the discussedembodiments of the disclosure. The article of manufacture containing thecomputer code may be made and/or used by executing the code directlyfrom one medium, by copying the code from one medium to another medium,or by transmitting the code over a network.

In addition, although various elements of the host computing device aredescribed herein as including general processing and memory devices, itshould be understood that the host computing device is a specializedcomputer configured to perform the steps described herein for pushinghosted URLs, using a URL signal, to mobile computing devices.

This written description uses examples to disclose the embodiments,including the best mode, and also to enable any person skilled in theart to practice the embodiments, including making and using any devicesor systems and performing any incorporated methods. The patentable scopeof the disclosure is defined by the claims, and may include otherexamples that occur to those skilled in the art. Such other examples areintended to be within the scope of the claims if they have structuralelements that do not differ from the literal language of the claims, orif they include equivalent structural elements with insubstantiallocational differences from the literal language of the claims.

What is claimed is:
 1. A host system for pushing hosted UniversalResource Locators (URLs) to mobile computing devices comprising a hostcomputing device, the host computing device comprising a processorcommunicatively coupled to a memory, the host computing deviceconfigured to: receive, from a merchant computing device, first merchantdata and first Internet of Technology (TOT) data associated with themerchant computing device, wherein the merchant computing device isassociated with a merchant and is in communication with an Internet ofTechnology (TOT) device, wherein the TOT data is collected by themerchant computing device from the TOT device; enroll the merchantcomputing device using the first merchant data and the first TOT data;build, in an TOT data table, an TOT device profile using the firstmerchant data and the first IOT data; generate a hosted Uniform ResourceLocator (URL) associated with the merchant computing device; push thehosted URL, using a URL signal, to the IOT device, wherein the URLsignal is associated with the merchant, and wherein the hosted URL ispushed in response to the IOT device being paired to a user computingdevice associated with a consumer; instruct, via the IOT device, theuser computing device to convert the URL signal into a URL address,wherein the URL address is configured to direct a browser of the usercomputing device to a URL page associated with the merchant; andinstruct, via the IOT device, the user computing device to load the URLaddress in the browser and display the URL page on the user computingdevice.
 2. The host computing device of claim 1 further configured to:receive purchase data associated with a payment transaction, wherein thepurchase data includes at least a consumer identifier, a user computingdevice location, a second merchant data, and second IOT data; and storethe purchase data within a database.
 3. The host computing device ofclaim 2 further configured to: parse the purchase data; extract thesecond merchant data and the second IOT data from the purchase data; andcompile the second merchant data and the second IOT data.
 4. The hostcomputing device of claim 2 further configured to: update the IOT tableusing the second merchant data and the IOT data; compare the firstmerchant data to the second merchant data; and compare the first IOTdata to the second IOT data.
 5. The host computing device of claim 2further configured to: match a merchant computing device geolocationincluded in the first IOT data and a merchant computing devicegeolocation included in the second IOT data; and match a time includedin the first IOT data and a time included in the second IOT data.
 6. Thehost computing device of claim 5 further configured to: determine themerchant computing device is registered and authorized to perform thepayment transaction based on the matching; and transmit an authorizationresponse to the user computing device.
 7. The host computing device ofclaim 5 further configured to: compare a user computing devicegeolocation included in the second IOT data to the merchant computingdevice geolocation included in the second IOT data; calculate a distancebetween the user computing device geolocation and the merchant computingdevice geolocation; compare the calculated distance to a predefineddistance; and determine the calculated distance is within the predefineddistance.
 8. A computer-implemented method for pushing hosted UniversalResource Locators (URLs) to mobile computing devices, said methodimplemented using a host computing device in communication with amemory, said method comprising: receiving, from a merchant computingdevice, first merchant data and first Internet of Technology (IOT) dataassociated with the merchant computing device, wherein the merchantcomputing device is associated with a merchant and is in communicationwith an Internet of Technology (IOT) device, wherein the IOT data iscollected by the merchant computing device from the IOT device;enrolling the merchant computing device using the first merchant dataand the first IOT data; building, in an IOT data table, an IOT deviceprofile using the first merchant data and the first IOT data; generatinga hosted Uniform Resource Locator (URL) associated with the merchantcomputing device; pushing the hosted URL, using a URL signal, to the IOTdevice, wherein the URL signal is associated with the merchant, andwherein the hosted URL is pushed in response to the IOT device beingpaired to a user computing device associated with a consumer;instructing, via the IOT device, the user computing device to convertthe URL signal into a URL address, wherein the URL address is configuredto direct a browser of the user computing device to a URL pageassociated with the merchant; and instructing, via the IOT device, theuser computing device to load the URL address in the browser and displaythe URL page on the user computing device.
 9. The method claim 8 furthercomprising: receiving purchase data associated with a paymenttransaction, wherein the purchase data includes at least a consumeridentifier, a second merchant data, and second IOT data; and storing thepurchase data within a database.
 10. The method of claim 9 furthercomprising: parsing the purchase data; extracting the second merchantdata and the second IOT data from the purchase data; and compiling thesecond merchant data and the second IOT data.
 11. The method of claim 9further comprising: updating the IOT table using the second merchantdata and the IOT data; comparing the first merchant data to the secondmerchant data; and comparing the first IOT data to the second IOT data.12. The method of claim 9 further comprising: matching a merchantcomputing device geolocation included in the first IOT data and amerchant computing device geolocation included in the second IOT data;and matching a time included in the first IOT data and a time includedin the second IOT data.
 13. The method of claim 12 further comprising:determining the merchant computing device is registered and authorizedto perform the payment transaction based on the matching; andtransmitting an authorization response to the user computing device. 14.The method of claim 12 further comprising: comparing a user computingdevice geolocation included in the second IOT data to the merchantcomputing device geolocation included in the second IOT data;calculating a distance between the user computing device geolocation andthe merchant computing device geolocation; comparing the calculateddistance to a predefined distance; and determining the calculateddistance is within the predefined distance.
 15. A non-transitorycomputer-readable storage media having computer-executable instructionsembodied thereon, wherein when executed by host computing device havingat least one processor coupled to at least one memory device, thecomputer-executable instructions cause the processor to: receive, from amerchant computing device, first merchant data and first Internet ofTechnology (IOT) data associated with the merchant computing device,wherein the merchant computing device is associated with a merchant andis in communication with an Internet of Technology (IOT) device, whereinthe IOT data is collected by the merchant computing device from the IOTdevice; enroll the merchant computing device using the first merchantdata and the first IOT data; build, in an IOT data table, an IOT deviceprofile using the first merchant data and the first IOT data; generate ahosted Uniform Resource Locator (URL) signal associated with themerchant computing device; push the hosted URL, using a URL signal, tothe IOT device, wherein the URL signal is associated with the merchant,and wherein the hosted URL is pushed in response to the IOT device beingpaired to a user computing device associated with a consumer; instruct,via the IOT device, the user computing device to convert the URL signalinto a URL address, wherein the URL address is configured to direct abrowser of the user computing device to a URL page associated with themerchant; and instruct, via the IOT device, the user computing device toload the URL address in the browser and display the URL page on the usercomputing device.
 16. The computer-executable instructions of claim 15further cause the processor to: receive purchase data associated with apayment transaction, wherein the purchase data includes at least aconsumer identifier, a second merchant data, and second IOT data; andstore the purchase data within a database.
 17. The computer-executableinstructions of claim 16 further cause the processor to: parse thepurchase data; extract the second merchant data and the second IOT datafrom the purchase data; and compile the second merchant data and thesecond IOT data.
 18. The computer-executable instructions of claim 16further cause the processor to: update the IOT table using the secondmerchant data and the IOT data; compare the first merchant data to thesecond merchant data; and compare the first IOT data to the second IOTdata.
 19. The computer-executable instructions of claim 16 further causethe processor to: match a merchant computing device geolocation includedin the first IOT data and a merchant computing device geolocationincluded in the second IOT data; and match a time included in the firstIOT data and a time included in the second IOT data.
 20. Thecomputer-executable instructions of claim 19 further cause the processorto: determine the merchant computing device is registered and authorizedto perform the payment transaction based on the matching; and transmitan authorization response to the user computing device.